CVE-2022-38840 PoC — MAN-EAM-0003 代码问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-38840.yaml

Associated Vulnerability

Title:MAN-EAM-0003 代码问题漏洞 (CVE-2022-38840)
Description:Güralp Systems MAN-EAM-0003是Güralp Systems公司的一个传感器。 MAN-EAM-0003 V3.2.4版本存在安全漏洞，该漏洞源于存在XML外部实体注入(XXE)漏洞。

Description

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.

File Snapshot


 id: CVE-2022-38840

info:
  name: Güralp MAN-EAM-0003 3.2.4 - XML External Entity (XXE)
  author: da

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!